An individual or entity that acquires, holds, or transacts with digital or tokenized assets (e.g., cryptocurrencies, tokens) for personal, commercial, or investment purposes. They may use self-hosted or custodial wallets, peer-to-peer platforms, decentralized finance (DeFi) protocols, or other virtual asset services and marketplaces.
Main/
Virtual Asset User
[]
Code
AT0049
[]
Name
Virtual Asset User
[]
Version
1.0
[]
Category
Customers, Clients & Private Individuals
[]
Created
2025-03-12
[]
Modified
2025-04-02
Related Techniques
Individuals using anonymizing networks obscure their IP addresses when opening or managing virtual asset accounts, hampering AML controls designed to detect location inconsistencies. By employing layered routing or proxy connections, they thwart investigators' efforts to connect digital wallet activities to real-world identities, especially when combined with frequent IP or node changes.
End-users may act knowingly (as cash-out partners or mixers) or unknowingly (if their compromised wallets are used to receive or forward cryptojacked coins).
Virtual asset users engage decentralized mixers to:
- Combine their digital assets with others in peer-to-peer or smart contract pooling, obscuring transaction trails.
- Circumvent KYC requirements by transacting in non-custodial architectures with minimal compliance controls.
This practice complicates financial institutions’ monitoring of transactions and hampers investigations linking funds back to illicit or high-risk sources.
Virtual asset users employ micro-structuring by:
- Splitting illicit funds into numerous small digital asset transfers, often below exchange or wallet alert thresholds.
- Shifting these small sums across multiple wallets or platforms to minimize the risk of detection.
This scattered approach challenges financial institutions that offer or monitor virtual asset services, as it fragments transactional data.
Criminals acting as virtual asset users exploit P2P transfers by:
- Creating multiple pseudonymous or unhosted wallets to bypass standard KYC.
- Rapidly moving funds across various accounts or blockchains to fragment illicit proceeds.
- Layering transactions through repeated small-value transfers, obscuring beneficial ownership.
These practices complicate financial institutions’ efforts to trace transaction flows or identify ultimate owners, as P2P channels often lack reliable identity verification and robust monitoring.
Virtual asset users exploit pseudonymous wallets or multiple exchange accounts by:
- Repeatedly trading the same cryptocurrency or token among addresses under their control.
- Creating artificial transaction volume to transform illicit proceeds into apparently legitimate trading gains.
Financial institutions face difficulty linking the same underlying controller behind multiple wallets, hindering transaction monitoring.